[Mod-security-rules] ModSecurity version 2.9.1-rc1 announcement

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

It is a pleasure to announce the first release candidate for ModSecurity
version 2.9.1. The version 2.9.1-RC1 contains fixes and new features.
The new features list includes audit logs in JSON format.

I would like to thank you all, that participate in the construction of
this release. A special thanks to the ones who sent patches and the ones
who participated on the community meetings, which helped to increase the
quality of our releases. Thank you.

The documentation of the new features is already available on our wiki
page: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual

The source and binaries (and the respective hashes) are available at:
https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.1-RC1

The most important changes are listed bellow:

* New features

 - Added support to generate audit logs in JSON format.
   [Issue #914, #897, #656 - Robert Paprocki]
 - Extended Lua support to include version 5.3
   [Issue #837, #762, #814 - Athmane Madjoudj and ModSecurity team]
 - mlogc: Allows user to choose between TLS versions (TLSProtocol option
   introduced).
   [Issue #881 - Ishwor Gurung]
 - Allows mod_proxy's "nocanon" behavior to be specified in proxy actions.
   [Issue #1031, #961, #763 - Mario D. Santana and ModSecurity team]

* Bug fixes

 - Creating AuditLog serial file (or parallel index) respecting the
   permission configured with SecAuditLogFileMode. Previously, it was
   used only to save the transactions while in parallel mode.
   [Issue #852 - @littlecho and ModSecurity team]
 - Checking for hashing injection response, to report in case of failure.
   [Issue #1041 - ModSecurity team]
 - Stop buffering when the request is larger than SecRequestBodyLimit
   in ProcessPartial mode
   [Issue #709, #705, #728 - Justin Gerace and ModSecurity team]
 - Refactoring conditional #if/#defs directives.
   [Issue #996 - Wesley M and ModSecurity team]
 - mlogc-batch-load.pl.in: fix searching SecAuditLogStorageDir
   files with Apache 2.4
   [Issue #775 - Elia Pinto]
 - Understands IIS 10 as compatible on Windows installer.
   [Issue #931 - Anton Serbulov, Pavel Vasilevich and ModSecurity team]
 - Fix apache logging limitation by using correct Apache call.
   [Issue #840 - Christian Folini]
 - Fix apr_crypto.h check on 32-bit Linux platform
   [Issue #882, #883 - Kurt Newman]
 - Fix variable resolution duration (Content of the DURATION variable).
   [Issue #662 - Andrew Elble]
 - Fix crash while adding empty keys to persistent collections.
   [Issue #927 - Eugene Alekseev, Marc Stern and ModSecurity team]
 - Remove misguided call to srand()
   [Issues #778, #781 and #836 - Michael Bunk, @gilperon]
 - Fix compilation problem while ssdeep is installed in non-standard
   location.
   [Issue #872 - Kurt Newman]
 - Fix invalid storage reference by apr_psprintf at msc_crypt.c
   [Issue #609 - Jeff Trawick]

* Known issues

 - Instabilities of nginx add-on are still expected. Please use the "nginx
   refactoring" branch and stay tuned for the ModSecurity version 3.

Br.,
Felipe "Zimmerle" Costa
Lead Developer for ModSecurity
Security Researcher, SpiderLabs

Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com <http://www.trustwave.com/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - https://gpgtools.org

iEYEARECAAYFAlayNO4ACgkQ5t+wjOixEneGyQCeJtAPhLk9EXRg7/GviovZQ2i5
bwMAn3SSrlzFC+g3zdlOU4Yug3kiRpAp
=Prxb
-----END PGP SIGNATURE-----

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.